<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class SessionsController extends Controller
{
     /**
     ** 让未登陆的用户只能访问登陆页面
     ***/

   public function __construct()
   {
      $this->middleware("guest",[
        "only"=>['create']
      ]);

   }
    //create方法
    public function create()
    {


     return view('sessions.create');
    }
   //store 方法
   public function store(Request $request)
   {
       $credentials=$this->validate($request,[
         'email' => 'required|email|max:25',
         'password' => 'required'
        ]);
        //对比users表中数据并自主加哈希加密attempt()函数的具体用法
       if(Auth::attempt($credentials,$request->has('remember'))){
          if(Auth::user()->activated){
            session()->flash('success', '欢迎，您再次回来~');
            return redirect()->intended(route('users.show', [Auth::user()]));
          }else{
             Auth::logout();//导出数据到log
             session()->flash('warning','抱歉,您的帐号未激活,请检查邮件中的注册邮件点击激活');
             return redirect('/');
          }
         }else{
           session()->flash('danger','抱歉,您的邮箱或密码错误!');
          return redirect()->back()->withInput();
        }

      return ;
   }

   //destroy 方法
   public function destroy()
   {
       Auth::logout();
       session()->flash('success', '您已成功退出！');
       return redirect('login');
   }

}
